Ah... one more reason for me to keep it disabled -- I want to be the one poking holes in my firewall, not any program that happens to be running on the network.

Well, good point, but any software that requests a hole be punched has already had approval from ZoneAlarm, and when I'm not actively using BitTorrent, the hole shuts itself off. Yes, it's similar to port triggering, but applications request exactly the ports they need, then shut them off when they don't need them.